On 12/20/2013 3:27 PM, Anil Saldhana wrote:
Some of this is what I hear from users, customers and the industry.
Also
see below:
On 12/20/2013 02:23 PM, Anil Saldhana wrote:
> Bill brought out some thoughts in my mind which I want to capture here
> to see what your thoughts are:
>
> * Certificate Management
> - We need a good system to CRUD certificates. The only good Java based
> oss I have seen is EJBCA.
>
> * Directory Server/Services
> - We have ApacheDS and OpenDS (or the ForgeRock version) as two
> possibilities in Java based directory servers. I am unsure if we have
> really explored building a solution for directory services.
* Another important consideration is Active Directory. It is an
ecosystem - has LDAP, Kerberos/SPNego, SAML, WSTrust etc. I think we
really need some type of Open Source solution to this ecosystem. The
core starts with directory services or a facade.
A huge part of Keycloak's value-add is it provides the UI for login,
registration, acct/credential/device/realm management. If these AD/LDAP
services are read-only, then there's not a lot Keycloak can offer you.
Also, for Keycloak 1.0.Final, we're focusing solely on securing Web Apps
and RESTful services. We can't have too many tangents or feature creep.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com